[Samba] samba permissions

[Jeremy Drake]

Scott Mayo wrote:
> There was another tech coordinator that asked the following on our list:
>
>  > Hey all, I was wondering if anyone knew of a way to give students
> read/write permissions to a certain drive letter without giving them the
> ability to delete other (or thier own) files.

If they had read/write access, but were not permitted to delete things
(which should be possible with a fairly simple vfs module btw), how would
that be any more useful than if they were permitted to delete things?
What is the practical difference between "rm foo" and
"cat /dev/null > foo" in this case?  You end up with dead zero length
files in the directory instead of deleted files?

something like this (framework stolen from skel_transparent.c) would do it
I think (did not even compile it so it may not work):

#include "includes.h"

static int skel_unlink(vfs_handle_struct *handle, connection_struct *conn,
const char *path)
{
        errno = EPERM;
	return -1;
}

static int skel_rmdir(vfs_handle_struct *handle, connection_struct *conn,
const char *path)
{
	errno = EPERM;
	return -1;
}

static vfs_op_tuple skel_op_tuples[] = {
	{SMB_VFS_OP(skel_rmdir),                        SMB_VFS_OP_RMDIR,
        	SMB_VFS_LAYER_TRANSPARENT},
	{SMB_VFS_OP(skel_unlink),                       SMB_VFS_OP_UNLINK,
        	SMB_VFS_LAYER_TRANSPARENT},
	{NULL,                                          SMB_VFS_OP_NOOP,
        	        SMB_VFS_LAYER_NOOP}
};

NTSTATUS init_module(void)
{
        return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "no_delete",
skel_op_tuples);
}






-- 
(German philosopher) Georg Wilhelm Hegel, on his deathbed, complained,
"Only one man ever understood me."  He fell silent for a while and then added,
"And he didn't understand me."